On Sat, Apr 27, 2002 at 01:14:44PM -0700, Paul Overby wrote:
> Thanks to anyone who took their precious time to check my problem but I 
> figured it out. Request was being rejected because of the hosts.deny 
> file even though I had ssh in the hosts.allow file.
> What's the correct specification for hosts.allow.

As far as I know, the current convention is to not use the host.deny file
at all, but put all your ALLOW and DENY rules in you host.allow.  For ssh
you would do something like

sshd: ip.to.allow : rfc931 : ALLOW
sshd: ALL : DENY

That will allow ssh connection from ip.to.allow.  If you need to allow ssh
connection from everywhere, I suggest

sshd: ALL EXCEPT PARANOID : rfc931 : ALLOW

That will allow ssh connection except from hosts who's forward and reverse
DNS entries don't match.

These same rules can be used for other services, too, making the appropriate
substitutions, of course.

Gabe
-- 
Gabe Turner                                             gabe at msi.umn.edu
SGI Origin Systems Administrator,
University of Minnesota Supercomputing Institute
 for Digital Simulation and Advanced Computation         www.msi.umn.edu